We leverage both commercial and open source network and application scanning tools and commonly known hacking techniques in an attempt to identify security vulnerabilities against the target environments and applications.

INFRASTRUCTURE & NETWORK LEVEL ASSESSMENT

This type of testing is aimed at identifying vulnerabilities at network and base operating system level and will be performed from the following perspectives:

2. Internal attacker. Someone having compromised external boundaries (either by hacking into the internal / DMZ environment or by having physically gained access to the premises) and attempting to perform malicious activities from within.

Network level assessments are performed using the following high level methodology:

Figure: Infrastructure / Network Level Assessment Approach

The methodology applied to network level assessments is similar to the widely accepted OSSTMM (Open Source Security Testing Methodology Manual).